Area of Expertise

Project Management, Security Awareness Training, IT Audit, Quality Assurance, Business Continuity Planning, Security Policies/Standards, Network Security, Technical Support/Administration, Providing guidance on information security and Risk Management related matters.

Career

Confidential

Technical Support Specialist

• Maintained high levels of customer satisfaction, productivity handling over 55 calls per week and averaging 11 calls daily quickly earning a solid reputation for resolving complex issues and providing exceptional customer service.
• Provided technical support for all Kodak installed equipment, supporting over 7000 CVS stores throughout the U.S by responding to incoming calls and assisting store operators with technical support for remotely managed Kodak Picture Kiosks and Kodak APEX running Windows OS with proprietary Kodak SW as well as a suite of printers and scanners
• Walked store operators through all aspects of the troubleshooting including but not limited to software installation, network configuration, malfunctioning switches and NIC cards, system disaster recovery, monitor malfunctions, and OS failure. Also talk store operators through removing or setting up newly delivered equipment or entire network systems
• Excellent communication and diagnostic skills consistently solved problems and quickly gained a reputation for productivity, complex problem resolution and professionalism.

Confidential

Security Officer and Business Continuity Coordinator

• Perform Information Security Risk Assessments on existing and future infrastructure projects for the North Carolina Families Access Services Through Technology NCFAST Agile based project ie. development, testing, future releases of the Software, architecture and infrastructure, data conversion, interfaces, etc. The virtulaized system architecture included: IBM Power 720 servers running multiple LPARs Oracle backend databases MVS COBOL CICS - VB, Web Based C - ASP Java - Java Script J2EE, Data Management Oracle.
• Reviewed all technical documentation and provided feedback to ensure security concerns were being met as well as understanding the application and various existing infrastructure environments.
• Planned, developed and co-authored the Business Continuity Program COOP for the NCFAST organization, to ensure all essential functions would continue to be performed in case of a disaster.
• Acted as a single point of contact for all Security related matters specific to NCFAST ie. development, testing, future releases of the Software, architecture and infrastructure, data conversion, interfaces, etc.
• Responsible for tier 2 support of the Curam development environment user ID administration via a centrally managed ID and access control system
• Work with Curam Application access custodians to ensure that access to the applications data was appropriate and assisted in the build out of the various user groups used through the NC Counties by the DHHS employees.
• Active participant in staff meeting and future release business meeting with the PM office.

Confidential

Instructor Assistant/Lab Assistant

• Worked as a teaching assistant instructor in the Information Security Systems Security Department.
• Have experience in teaching Information Security with good teaching strategies, classroom management and a strong commitment to student development.
• Responsible for managing the network/security lab for all students as well as helping with the setup of virtual box for home home labs.
• Providing after class study sessions and assistance with any homework or lab assignments.

Confidential

Operational Risk Consultant

• Perform Information Security Risk Assessments on existing and future infrastructure projects.
• Provide operational risk expertise to complex technology processes.
• Conduct control review meetings with subject matter experts and risk business partners and provide detailed status updates of assessments.

Confidential

Security Operations Manager

• Responsible for the management of 26 security professionals, in the Americas, whose primary functions were to perform routine changes and maintain configurations of security systems and architectures, which included but not limited to ArcSight SEIM,, Fortinet, Checkpoint Nokia Crossbeam Firewalls, Dragon and Cisco IDS and Message Labs web and email filtering.
• Were responsible for conducting network, local and web-focused vulnerability scans for customers as well as our internal network using Foundstone Vulnerability Scanning tools.
• Acted as an escalation point for activities that were not resolved in a timely manner or which needed management involvement to help bring resolution to an issue.
• Established a successful product maintenance program and lead efforts to renew multi-vendor service contracts while saving the company over 100K in unused support services.
• Collected metrics and produce operational activity and trending reports for senior management to allow them to analyze the productivity of the SOC

Confidential

Information Security Analyst

• Oversaw all ongoing activities related to the development, implementation, and maintenance of the organizations policies and procedures ensuring they were in compliance with corporate and regulatory requirements.
• Responsible for coordinating and managing the efforts of the CyberTrust risk assessments, which included a technical, procedural and physical review process.
• Planned, developed, co-authored and implemented the Regulatory and Technology Risk Assessment Methodology, to ensure ongoing security compliance based on SOX, HIPAA, GLBA, PCI and other relevant standards.
• Participated in all planned data center fail-over testing events. Helped report metrics on BC/DR compliance standing. Assisted in driving business continuity concepts across the technology organization.
• Lead the development and deployment efforts for a comprehensive multi-platform key management solution providing the bases for secure transmission of customer's electronic data.
• Developed multi-layer protection for the Linux-based encryption key management architecture and FTP hosting servers. Ensure automatic synchronization to backup linux key management systems for redundancy and disaster recovery.
• Reviewed user permission levels to reduce privilege creep and identify orphans on all active systems Unix, Linux, Windows, Cisco, Mainframe, third party applications, etc
• Confidential
• Information Security Officer
• Successfully established and managed the Information Security Officer Function directly responsible for 88 products across Network, Voice and Multimedia Infrastructure Engineering
• Assisted all Information Owners on the annual assessment of the business risk associated with each Information System/product under their control and in classifying information and assessing process criticality.
• Conduct Information Technology security audits to ensure compliance with information security policies and standards.
• Liaise with Information Technology departments to proactively review threats and vulnerabilities relating to information security requirements, compliance requirements, infrastructure risks and other sources.
• Responsible for the completion of the on site Third Party Vendor Security Assessment of MCI/USAN in Sacramento CA. This vendor managed the NIVR system for all of Citigroup.
• Facilitated awareness and training programs developed for CTI, which included all 10 Security Domains as mentioned in the CISSP certification material.
• Analyzed technologies, recommended vendors and built products to address specific threat vectors including but not limited to:
• Disk and Data Encryption Intrusion Detection Anti-Malware Perimeter Protection Web Filtering Web Application Firewall Patch Management etc..

Network Security Operations Manager

• Provided operational oversight of the Information Security Operations department with a dedicated staff of five. Interfaced with business partners to determine how the Security Operations department could best provide services and solutions for our customers.
• Provided technical leadership to security staff and supported their personal and professional development. Also ensured that staff members were recognized for their achievements, and provided my assistance where needed with their problems or issues.
• Oversaw forecasting of staffing requirements, work schedules, and equipment cost in support of future growth. Managed inventory of technical assets valued at up to 1M
• Developed comprehensive internal Process Control Manuals and ensured their adherence to the corporate policy and standards.
• Participated in the development and the implementation of a web-based security access request system

Network Security Engineer

• Responsible for assisting in the assessment of technical project feasibility, gathering business requirements, and executing project plans for technical security deployments.
• Installed and configured firewalls as well as provided maintenance to existing network infrastructures. Collaborated with developers to better secure company products and assisted network engineers in the design of LAN/WAN infrastructures including Regional proxies, IDS, and VPN.
• Trouble-shouted and resolved problems on various applications and operating systems using Packet analysis to monitor live traffic.
• Team Lead for an enterprise-wide SNMP based application module rollout. Managed all phases of the project from requirements gathering through user acceptance testing and documentation development. Presented project status in weekly briefings to senior management.
• Participated Business Continuity Testing COB specific to Security Operations as well as continually helping business related testing to ensure their applications were available incase of a major outage.